Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: ZYxOXjGJnmcywK+FJ97/VUYYbXudt1R2efJ21eqvCXM=
Subject key identifier: 69:03:ED:A0:2D:B4:0B:FD:4E:8B:FE:BE:67:80:0B:C7:24:37:97:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31EF7D0BC0595C9037FBE14EB8B0E46C307C77AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:ef:7d:0b:c0:59:5c:90:37:fb:e1:4e:b8:b0:e4:6c:30:7c:77:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=e2e3fd964e1dd17a9102005208b64e7a8d5610563a385efecfc86503015d33f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d3:a9:b7:25:81:fc:f1:1a:92:e3:c5:78:62:
76:7a:e3:5c:db:1b:e5:b4:c1:1d:7c:85:76:5b:d0:
e7:cf:0a:87:a2:e1:df:f0:9f:17:ff:1f:e1:5d:7b:
2b:66:86:c9:a6:e6:00:2e:17:b3:b5:2f:e0:4e:7a:
9a:13:c8:a3:cb:97:48:23:48:d2:6e:7e:db:d8:ec:
e9:07:d8:9e:59:1a:59:4b:dc:c3:75:55:2c:ec:48:
ca:71:84:7d:fb:c0:de:4d:b4:b2:ce:e8:5d:35:9b:
f2:b1:50:f6:71:1a:dc:76:ab:d2:b3:ae:47:7c:e9:
b2:2a:04:36:3d:81:57:0c:1b:75:25:85:0b:5d:b0:
0e:03:9a:57:d5:0f:87:84:13:f9:dd:fe:93:5a:d9:
4c:72:f8:9d:62:99:aa:a2:30:95:bc:46:2e:52:21:
f5:22:48:a2:99:23:6b:7b:f6:fe:9a:d0:d6:45:a7:
54:96:73:50:8e:5a:c1:2e:30:ee:71:e0:cb:a0:8b:
34:f0:0b:2f:6b:8b:b9:ce:f2:3b:c3:b0:b8:04:5d:
c5:66:ea:67:46:38:47:3a:7d:0f:84:d6:1f:6e:c1:
f4:3a:31:76:c0:88:f0:4d:25:cd:da:37:a7:d8:40:
d3:76:b8:91:a0:c2:0a:ec:bc:a9:cb:36:d5:04:64:
42:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:03:ED:A0:2D:B4:0B:FD:4E:8B:FE:BE:67:80:0B:C7:24:37:97:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:c4:c6:0b:8f:8e:7f:30:61:e8:ab:16:e5:e9:32:fb:d8:83:
47:6c:38:d8:c5:4e:0f:47:6d:00:92:f6:72:ea:02:7a:e1:f0:
bb:03:7e:23:e4:54:66:1c:85:8e:1a:84:62:83:ee:00:f8:05:
12:45:53:b2:57:71:6a:cf:2a:5a:5e:c4:b3:62:0e:91:df:27:
12:48:77:ae:d3:1a:b1:94:28:2d:86:df:83:70:a6:00:7b:ba:
89:ed:32:c9:f7:e4:09:19:6b:d6:3a:15:0e:77:c7:f9:62:f0:
8b:26:01:ef:4a:e6:f9:65:f5:cf:62:d3:b7:7e:d6:20:af:21:
57:82:71:e6:3b:86:2f:18:10:51:5b:17:ee:28:5a:1a:95:ea:
c9:22:51:cf:7c:93:e4:67:92:ba:50:de:81:78:62:4b:0d:d0:
f0:d1:37:7b:d8:8c:e0:50:83:20:58:81:c9:da:d0:a6:f7:69:
3c:7a:bf:dd:83:aa:b0:6b:03:37:ce:d5:da:27:bd:45:9a:a3:
e6:12:14:dc:4a:f8:f5:02:20:58:5f:5e:ff:a2:d7:3f:af:68:
6d:ae:1d:db:92:c8:f5:ca:92:b0:c3:2d:64:4e:d5:53:1a:b6:
11:d8:47:e7:2b:53:42:01:84:2f:19:eb:86:bb:8e:77:63:df:
03:09:55:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMe99C8BZXJA3++FOuLDkbDB8d6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZTNmZDk2NGUxZGQxN2E5MTAyMDA1MjA4YjY0ZTdhOGQ1NjEwNTYzYTM4
NWVmZWNmYzg2NTAzMDE1ZDMzZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfTqbclgfzxGpLjxXhidnrjXNsb5bTBHXyFdlvQ588Kh6Lh3/CfF/8f4V17
K2aGyabmAC4Xs7Uv4E56mhPIo8uXSCNI0m5+29js6QfYnlkaWUvcw3VVLOxIynGE
ffvA3k20ss7oXTWb8rFQ9nEa3Har0rOuR3zpsioENj2BVwwbdSWFC12wDgOaV9UP
h4QT+d3+k1rZTHL4nWKZqqIwlbxGLlIh9SJIopkja3v2/prQ1kWnVJZzUI5awS4w
7nHgy6CLNPALL2uLuc7yO8OwuARdxWbqZ0Y4Rzp9D4TWH27B9DoxdsCI8E0lzdo3
p9hA03a4kaDCCuy8qcs21QRkQjUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRpA+2g
LbQL/U6L/r5ngAvHJDeXdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQApxMYLj45/MGHoqxbl6TL72INHbDjYxU4PR20AkvZy
6gJ64fC7A34j5FRmHIWOGoRig+4A+AUSRVOyV3FqzypaXsSzYg6R3ycSSHeu0xqx
lCgtht+DcKYAe7qJ7TLJ9+QJGWvWOhUOd8f5YvCLJgHvSub5ZfXPYtO3ftYgryFX
gnHmO4YvGBBRWxfuKFoalerJIlHPfJPkZ5K6UN6BeGJLDdDw0Td72IzgUIMgWIHJ
2tCm92k8er/dg6qwawM3ztXaJ71FmqPmEhTcSvj1AiBYX17/otc/r2htrh3bksj1
ypKwwy1kTtVTGrYR2EfnK1NCAYQvGeuGu453Y98DCVUO
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:33 2023 by rpki-client on console-fra.rpki-client.org